Researcher Gives Apple Details of macOS Keychain Security Flaw Despite No Mac Bug Bounty Program
A German teenager who discovered a macOS Keychain security flaw last month has now shared the details with Apple, after having initially refused to hand them over because of the company's lack of a bug bounty program for the Mac.
Eighteen-year-old Linus Henze dubbed the zero-day macOS vulnerability he found "KeySteal," which, as demoed in the video above, can be used to disclose all sensitive data stored in the Keychain app.
Henze said he decided to reveal the details to Apple because the bug "is very critical and because the security of macOS users is important to me."
After Henze released the video in early February, Apple's security team reached out to him, but the researcher said he wouldn't disclose the details without a cash reward, arguing that discovering the vulnerabilities takes time.
"Even if it looks like I'm doing this just for money, this is not my motivation at all in this case," said Henze. "My motivation is to get Apple to create a bug bounty program. I think that this is the best for both Apple and Researchers."
Apple has a reward program for iOS that provides money to those who discover bugs, but there is no similar payment system for macOS bugs.
Popular Stories
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications...
iOS 17.2 has been in beta testing for over a month, and it should be released to all users in a few more weeks. The software update includes many new features and changes for iPhones, including the dozen that we have highlighted below. iOS 17.2 is expected to be released to the public in mid-December. To learn about even more features coming in the update, check out our full list. Journal ...
Recently, MacRumors has received details on the battery currently being tested on the upcoming fourth-generation iPhone SE, and the information corroborates previous findings in relation to the device. The iPhone SE 4, known by its device identifier D59, is expected to use the exact same battery found in the base model iPhone 14. Partially assembled prototypes of the next iPhone SE have been ...
Best Buy's month-long holiday sale continues this weekend with multiple all-time low prices on Apple's line of MacBook Pro and MacBook Air computers. In addition to Apple notebooks, Best Buy's event has discounts sitewide on home appliances, TVs, video games, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive...
Apple appears to have closed the loophole that Beeper Mini used to bring iMessage to Android, putting a stop to blue bubbles from Android devices. Beeper Mini quit working earlier today, with users receiving "failed to lookup on server: lookup request timed out" error messages. Beeper said on Twitter that it is investigating the issue, but Beeper CEO Eric Migicovsky told TechCrunch that "all ...
Apple's iPhone 15 lineup came out in September, and while most reviews are done shortly after a new device launches, we like to follow up with a longer term review that gives us an opportunity to provide a deeper dive into what it's like using these phones on a day to day basis for months. Subscribe to the MacRumors YouTube channel for more videos. MacRumors videographer Dan Barbera has been...
To boost falling iPad sales, Apple has a major refresh planned for the iPad lineup in early 2024, according to Bloomberg's Mark Gurman. Apple plans to debut new iPad Air and iPad Pro models, both of which will feature notable changes. The iPad Air will come in two sizes like the iPad Pro for the first time. The smaller model will continue to measure in at 10.9 inches, but the larger version...
Anker has launched its newest holiday sale, this one offering a special deal every day in the lead-up to Christmas. These sales offer up to 50 percent off select products, and include discounts on USB-C chargers, portable batteries, and much more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which ...
Top Rated Comments
Thank you, Linus.
Now, Apple, listen to the people, and start bug bounty program.